CVE-2025-67859

A Improper Authentication vulnerability in TLP allows local users to arbitrarily control the power profile in use as well as the daemon’s log settings.This issue affects TLP: from 1.9 before 1.9.1.

Published Jan 15, 2026

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-67859

CVSS ScoreMedium

5.1

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2025-67859

A Improper Authentication vulnerability in TLP allows local users to arbitrarily control the power profile in use as well as the daemon’s log settings.This issue affects TLP: from 1.9 before 1.9.1.

Published Jan 15, 2026

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-67859

CVSS ScoreMedium

5.1


rpm	tlp	1.0-1.el6
rpm	tlp	1.0-1.el7
rpm	tlp	1.1-1.el7
rpm	tlp	1.2.2-4.el8
rpm	tlp	1.2.2-4.epel8.playground
rpm	tlp	1.5.0-2.el9

Ecosystem	Package	Version


rpm	tlp	1.0-1.el6
rpm	tlp	1.0-1.el7
rpm	tlp	1.1-1.el7
rpm	tlp	1.2.2-4.el8
rpm	tlp	1.2.2-4.epel8.playground
rpm	tlp	1.5.0-2.el9

Find vulnerabilities. Fix fast with AI.

CVE-2025-67859

CVE-2025-67859